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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1 . |EI This communication is responsive to telephone inteiview with Mr. Aaronson on 6/29/2010. 

2. The allowed claim(s) is/are 17-20 and 22-34 . 

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a) □ All b)DSome* c) □ None of the: 

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1 ) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1. 84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 
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9. □ Other . 
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EXAMINER'S AMENDMENT 

1 . An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Mr. Larry Aaronson on June 29, 2010. 

The application has been amended as follows: 

1-16. (Cancelled) 

17. (Currently amended) A secure intermediation method performed by 
an intermediary positioned along a communication path between a client node and a 
server node, comprising: 

receiving a session request from the client node, wherein the session request is 
a request to initiate secure communications between the client node and the server 
node; 

sending to the client node a certificate in response to the session request: 
establishing a first secure session between the client node and the intermediary: 
i n response to roco i v i ng tho session request, establishing a second secure 
session between the intermediary and the server node : and 
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after establishing the first and second secure sessions, (i) receiving date a 
payment message from the client node, (ii) detecting that the payment message 
includes an account number, (iii) modifying the payment message by replacing the 
account number with a limited-use payment number from a payment server, and (iy) 
sending the r e c ei v e d data modified payment message to the server node over the 
second secure session. 

18. (Original) The method of claim 1 7, wherein the first and second secure 
sessions Is are secure socket layer sessions. 

19. (Currently amended) In a secure intermediation system, a method 
performed at a c li ont nodo comprising: 

sending from a client node a session request addressed to a server node, 
wherein the session request comprises a request to initiate a secure socket layer 
session between the client node and the server node; 

receiving at the client node a certificate in response to the session request; 

determining at the client node that the certificate corresponds to an intermediary 
positioned along a communications path between the client node and the server node; 

establishing a first secure session between the client node and the intermediary; 
establishing a second secure session between the intermediary and the server 

node: 
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receiving at the intermediary from the client node a payment message including 
an account number: 

modifying the payment message at the intermediary by replacing the account 
number with a limited-use payment number received from a payment server: and 

sending the modified payment message from the intermediary to the server 

node . 

20. (Currently amended) An intermediation system comprising: 
a processor for executing logic: 

session request logic executable on the processor and operative to detect a 
session request sent from the a client node, wherein the session request comprises a 
request to initiate a secure session between the client node and the a server node; 

session initiation logic executable on the processor and operative to establish a 
first secure session with the client node and a second secure session with the server 
node, the session initiation logic being responsive to the detection of the session 
request by the session request logic; an4 

linking logic executable on the processor and operative to enable communication 
between the client node and the server node bv linking the first secure session with the 
second secure session; 

account-number detection logic executing on a processor and operative to 
determine that a message sent bv the client node is a payment message that includes 
an account number: 
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payment number request logic executing on a processor and operative to request 
a limited-use payment number from a payment server: and 

modification logic executing on a processor and operative to modify the payment 
message by replacing the account number with the limited-use payment number . 

21. (Cancelled) 

22. (Original) The system of claim 21 , wherein the first and second secure 
sessions is-a are secure socket layer sessions. 

23. (Currently amended) A secure intermediation system, comprising: 
a network interface; 

a processor; and 

data storage, wherein the data storage stores instructions executable by the 
processor (i) to receive a session request from the a client node, wherein the session 
request comprises a request to initiate secure communications between the client node 
and the a server node; (ii) to establish a first secure session b e tw ee n th e i nt e rm e d i ary 
an4 with the server in response to receiving the session request; (iii) to establish a 
second secure session between the intermediary and the server in response to 
receiving the session request: (iv) to receive date a payment message from the client 
node after establishing the first and second secure session , wherein the payment 
message includes an account number : (v) to modify the payment message bv replacing 
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the account number with a limited use payment number received from a payment 
server, and (iv) (yi) to send the roco i vod data modified payment message to the server 
over the second secure session. 

24. (New) The method of claim 17, wherein the account number is a credit 
card number. 

25. (New) The method of claim 17, further comprising sending a verification 
message to the client node after detecting the payment message includes the account 
number, wherein the verification message prompts a user of the client node to approve 
replacement of the account number. 

26. (New) The method of claim 17, further comprising requesting the limited- 
use payment number from said payment server. 

27. (New) The method of claim 19, wherein the account number is a credit 
card number. 

28. (New) The method of claim 19, further comprising sending a verification 
message to the client node to prompt a user of the client node to approve replacement 
of the account number. 
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29. (New) The method of claim 19, further comprising requesting the limited- 
use payment number from said payment server. 

30. (New) The system of claim 20, wherein the account number is a credit 
card number. 

31 . (New) The system of claim 20, wherein the account-number detection 
logic is further operative to send a verification message to the client node to prompt a 
user of the client node to approve replacement of the account number. 

32. (New) The system of claim 23, wherein the account number is a credit 
card number. 

33. (New) The system of claim 23, wherein the instructions are further 
executable by the processor to send a verification message to the client node to prompt 
a user of the client node to approve replacement of the account number. 

34. (New) The system of claim 23, wherein the instructions are further 
executable by the processor to request the limited-use payment number from said 
payment server. 
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2. The following is an examiner's statement of reasons for allowance: The prior art 
of Baskey discloses a secure intermediation system that links a first secure session with 
a second secure session with an intermediate node. However, Baskey does not teach a 
detecting payment message in a communication over the first secure session and to 
modify the payment message by replacing the account number with a limited use 
payment number received from a payment server and to send the modified payment 
message to the server over the second secure session. 



Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

Any inquiry concerning this communication should be directed to Gilberto Barron 
Jr. at telephone number (571 )272-3799. 



/Gilberto Barron Jr./ 

Supervisory Patent Examiner, Art Unit 2432 



